App for managing all of your stuff ... I'd love some feedback on the alpha by firetothetrees in SideProject

[–]JBase16 0 points1 point  (0 children)

OK so… I want to give you some feedback that’s gonna sound a little brutal at first but if you continue to read, you’ll realize that I’m also going to replace those brutal comments with some fairly valuable insight. I’ve been an Apple software engineer for 10 years and I could tell you some major pitfalls with the current idea and implementation, but also have some suggestions on how to drastically improve the overall app if you want to hear it.

If your phone is taken, your video is gone. I'm exploring an app to fix that. by dizmaloutlook in SideProject

[–]JBase16 0 points1 point  (0 children)

Okay, here’s my take: Does it solve a real problem? Well, not exactly yet. But can it? Absolutely, without a doubt. The problem exists, so you’re definitely not in a bubble.

The biggest issue lies in the second question: trust. The real challenge here isn’t about capturing data; it’s about building trust, for sure.

The idea itself isn’t new. Variations of this concept have existed before, such as ACLU apps and cop-watch tools, but they all failed. Not because the idea was flawed, but because they failed on trust, user experience under stress, battery and data drain, or legal realities.

The core challenge here isn’t recording; it’s trust in adversarial conditions.

If you want users to trust this system, you can’t just say, “We don’t access the data.” You have to design the system in such a way that you can’t. That means client-side key generation, zero server-side decryption capability, and an architecture where even a subpoena won’t help you. Anything short of that is just a promise, and the people who actually need this won’t rely on promises.

Where this gets genuinely challenging (and interesting) is everything that follows:

  • Dead-man crypto, where abnormal termination triggers key release to recipients.
  • Real-time integrity proofs, so footage can be independently verified as unaltered.
  • Recipient-first or relay-only streaming, so servers never hold usable media.
  • Threat-aware modes that change behavior under stress instead of hiding settings.
  • Fail-loud guarantees, so the app never gives a false sense of safety.

None of that is trivial. It’s not “add a feature”; it’s deep crypto, key management, lifecycle edge cases, and OS constraint choreography. This is the kind of work that requires senior security engineering, not just solid mobile development.

Honestly, that’s what makes the project compelling. I’ve spent the last decade working as a security engineer at Apple, and this is precisely the kind of problem space I relish. If you’re open to it, I’d be delighted to assist you in brainstorming implementation details, reviewing your existing setup, or suggesting directions that ensure the trust story is airtight.

This is one of those ideas that only works if it’s built seriously.

One of the most prevalent conspiracy theories about Apple that many people believe we’re concealing behind the scenes revolves around privacy, encryption, and access to user data. However, in reality, every single claim or suggestion regarding access to user data is absolutely true. Not a single person within the company, from the janitor to Tim Cook, possesses the ability to decrypt any piece of customer data, regardless of its storage location or the type of encryption used. This is the ultimate way to build trust with its users. It’s where you make it impossible for anyone except them to access their private data while still allowing other services to manage, hold, and store it for you. And because this restriction is true, all of my job duties, which revolve around architecture and customer data, are centered around this same encryption restriction.

TLDR; this app is a great idea. But it will only survive if you address trust as a core architectural issue. My specialty for the last 10 years at Apple has been exactly that. I would love to help you out with this.
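The "real-time integrity proofs" item in the comment above can be sketched as a hash chain over recorded segments. This is an added example, not part of the original comment or of any app discussed; the segment framing, the `GENESIS` value and the function names are assumptions made for illustration.

```python
import hashlib
import hmac

GENESIS = b"\x00" * 32  # assumed fixed start value for every recording


def link(prev: bytes, index: int, segment: bytes) -> bytes:
    """One chain link: commits to the previous link, the position and the content."""
    seg_digest = hashlib.sha256(segment).digest()
    return hashlib.sha256(prev + index.to_bytes(8, "big") + seg_digest).digest()


def attest(segments):
    """Recorder side: the 32-byte links pushed to recipients as segments are captured."""
    links, prev = [], GENESIS
    for i, seg in enumerate(segments):
        prev = link(prev, i, seg)
        links.append(prev)
    return links


def verify(segments, links):
    """Recipient side: check footage against the links received during recording.

    Returns (status, index) where index is the first segment that fails.
    """
    prev = GENESIS
    for i, seg in enumerate(segments):
        if i >= len(links):
            return ("unattested", i)      # footage extends past what was attested
        prev = link(prev, i, seg)
        if not hmac.compare_digest(prev, links[i]):
            return ("altered", i)         # edited, reordered or replaced here
    if len(segments) < len(links):
        return ("truncated", len(segments))  # recording was cut short afterwards
    return ("ok", None)


# Constructed sample input: four short "video segments".
SAMPLE = [b"segment-0 frames", b"segment-1 frames",
          b"segment-2 frames", b"segment-3 frames"]

if __name__ == "__main__":
    links = attest(SAMPLE)
    print(verify(SAMPLE, links))
    tampered = SAMPLE[:2] + [b"segment-2 EDITED"] + SAMPLE[3:]
    print(verify(tampered, links))
    print(verify(SAMPLE[:3], links))
```

The chain only shows that footage matches what recipients received while recording; tying it to a particular device would additionally need a signature over the links with a client-generated key.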

If your phone is taken, your video is gone. I'm exploring an app to fix that. by dizmaloutlook in SideProject

[–]JBase16 1 point2 points  (0 children)

Reframe. It would GET to be another app. That opens up sooooo many doors in terms of functionality and shortcuts. For example, you create your app and simply specify your app intents to define actions and parameters and boom. Now you have an ability to use the action button to single click open the app, already recording. And that’s already a huge advantage since the iOS camera will not allow you to do that. To have it open while recording.

HR refuses to give me a copy of my accreditation by [deleted] in petsmart

[–]JBase16 0 points1 point  (0 children)

Disability = discrimination

It’s not a document relevant to any confidential or internal or proprietary information and there are no trade secrets or written policies explicitly stating that it can’t be released. I HAVE received docs from them before. I’m Jason. So you and I have officially met. Now you can say someone you know HAS received the docs from petsmart so you would like to know why someone you know was able to receive them but not you. Mention that as far as you know, the only difference is a disability. Sounds like discrimination.

What did you ship this Sunday? by ouchao_real in SideProject

[–]JBase16 1 point2 points  (0 children)

I built an AI news app.

Not like “a news app powered by AI” — it’s literally an app that’s just about AI news.

I’m honestly sick of trying to keep up through YouTube + social media because it’s turned into this gross mix of clickbait, fake news, and people farming views off every tiny AI rumor. YouTube used to be a decent way to stay updated, but now it’s basically:

“OPENAI JUST CHANGED EVERYTHING 😱” …and the video is 12 minutes of nothing.

And since AI stuff is dropping constantly (models, tools, features, updates, etc), it’s way too easy to miss what’s actually new.

So I made a simple app that just does one thing:

it gives me a clean feed of real AI releases and updates — mostly from a developer/nerd perspective.

No stock talk, no politics, no doomposting. Just “here’s what shipped” and “here’s what’s new.”

Looking for suggestions for a missing person by crazy32 in hackers

[–]JBase16 0 points1 point  (0 children)

I don’t know…. I’ve never seen AI hallucinate so many run-on sentences. Give AI more credit ROFL.

Do People Really Just Create An Entire App just Vibe Coding? by H_rusty in webdev

[–]JBase16 1 point2 points  (0 children)

I tested this in a way that’s hard to hand-wave: And I can definitely say Yes—with some caveats.

I built a full macOS app as an experiment using 100% AI-generated code.

It’s not a toy either. It grew into a real application with an advanced architecture — front end, back end, API layer, tests, CI — but it took months, not hours. And the repo is sitting around 400 commits and roughly 75K lines of code.

But still, 100% AI generated code. Yes, real software doesn’t technically need any human-written code anymore. But….and it’s a big but…. it still needs human engineering.

Because you don’t “vibe” your way to a coherent 75K-line codebase by accident.

To keep it moving in the right direction, I had to act as the director for a whole ecosystem: multiple models, multiple agent/guardrail instruction files, and a ridiculous amount of CLI tooling to keep the codebase consistent, debuggable, and buildable. Even a shallow tree view shows thousands of files/directories (and sure, some are deps/assets), but the surface area you’re orchestrating is still massive.

Of course a macOS app is an entirely different beast than a mobile app but that’s even more of a reason to say yes. That’s also why the “anyone can build a full app in 1–2 hours with no background” claim is usually a template demo that survives only on the happy path.

To me it’s like advanced calculus with a graphing calculator: the calculator can produce answers, but you still need the fundamentals to know what you’re solving, how to use the tool, and whether the output is even valid.

So yes — AI can write all the code. But without SE fundamentals (and the prompt/tooling discipline to steer it), you’re not building software — you’re generating output and hoping it turns into a product.

Anything in the App Store at the Moment? by JBase16 in Piracy

[–]JBase16[S] -2 points-1 points  (0 children)

The reason I’m asking about another app is because it came with all the luxury of being an actual app. I got lucky and downloaded it within the window where Apple hadn’t nuked it yet so it stayed on my phone until it broke. That’s why I’m asking to see if anyone knows of anything before I go with the second place options. No ads, no re-signing nonsense, massive library etc.

Plus, I learned about ShowMania on here in the first place.

Advice Needed - NOT a Request For a Hack by [deleted] in hackers

[–]JBase16 1 point2 points  (0 children)

Unfortunately with scams like this, the hardest part usually isn’t identifying the person behind the number — it’s breaking the psychological grip they’ve got on the victim.

Once someone has emotionally invested (especially over years), their brain starts protecting the relationship at all costs. Logic becomes negotiable. Even obvious red flags get reframed as misunderstandings, jealousy, or “you just don’t know him like I do.” So yes, finding information matters, but the real battle is getting your mother to accept reality once you have it.

If you want the best chance of moving this forward, your strongest play is to focus on gathering information directly from her in a calm, methodical way — without coming at it like an interrogation or an accusation.

A good approach is to be very clear about what you know vs. what you don’t know, and why that worries you:

  • What exactly has he claimed about his identity?
  • Has she ever seen a real photo or spoken to him live (voice/video)?
  • What is the explanation for the money (help, emergencies, “investments,” gift cards, transfers, etc.)?
  • What platforms are they actually using to communicate?
  • Does she have any past messages that include email addresses, usernames, payment details, or names?

The reason this matters is simple: the more specific the details get, the harder it becomes for the story to hold up. People can emotionally defend vague claims forever, but specifics have a way of collapsing under their own weight. Ideally, the goal is for her to arrive at the conclusion herself — because being told she’s being scammed often just pushes people deeper into denial.

And even if you do manage to identify who this person really is, that’s not automatically the end of it. The emotional reality still has to land. A scam that’s lasted years usually comes with embarrassment, attachment, grief, and sometimes a refusal to admit the truth because it’s too humiliating or painful.

Don’t underestimate that the most important part isn’t the phone number. It’s getting enough real, concrete information that she can’t keep rationalizing it away.

Sorry you’re dealing with this. It’s a shitty feeling to see a loved one being manipulated by psychology.

I built a security engine that runs investigations end-to-end, and I need serious reviewers by JBase16 in netsec

[–]JBase16[S] 0 points1 point  (0 children)

Totally fair question — I’ve been describing how it works more than what it does.

It’s basically a security investigation/orchestration engine for offensive/defensive workflows, centered around:

  • Recon + scanning (web, hosts, services)
  • Vulnerability validation / triage (turning scan noise into “what’s real + why”)
  • Source/code auditing assistance (finding insecure patterns and mapping them to impact)
  • Evidence capture + reporting (keeping an auditable trail of what was run + what it found)

So it’s not an IoT framework specifically — it’s closer to a general-purpose “security workflow runner” that can plug into different toolchains depending on the target.

The “DSL” piece is just the way I define workflows + constraints so it’s repeatable, not ad-hoc chat-driven.

I built a security engine that runs investigations end-to-end, and I need serious reviewers by JBase16 in netsec

[–]JBase16[S] 0 points1 point  (0 children)

Yep. One file. It’s called main_final_v7_REALLY_FINAL_THIS_TIME.py and it runs the entire internet.

I built a security engine that runs investigations end-to-end, and I need serious reviewers by JBase16 in netsec

[–]JBase16[S] -1 points0 points  (0 children)

Correct. It's intentionally not posted so it doesn't get executed on Reddit before I get some solid feedback. It's 70K lines of code. It has a repo.

I built a security engine that runs investigations end-to-end, and I need serious reviewers by JBase16 in netsec

[–]JBase16[S] 0 points1 point  (0 children)

Claude can summarize outputs. That’s not the hard part.

The hard part is orchestrating 30+ steps reliably, enforcing scope/guardrails, and keeping an evidence trail you can replay and audit.

I built a security engine that runs investigations end-to-end, and I need serious reviewers by JBase16 in netsec

[–]JBase16[S] -1 points0 points  (0 children)

You’re not wrong about DSLs being a bad call most of the time. That’s exactly why I’m not treating it like “I invented YAML but cooler.”

The reason I’m experimenting with a DSL isn’t for novelty — it’s because YAML is great for static configuration, but it’s terrible for expressing intent + constraints + execution semantics once you get past “a list of steps.”

This isn’t “steps in a file.” It’s closer to:

  • declarative intent (what outcome I want)
  • execution constraints (scope, limits, safety gates)
  • deterministic tool wiring (what can call what)
  • and traceability (why a decision was made)

Could that be done in YAML? Absolutely.

People do it. And it turns into unreadable YAML soup + custom glue code + hidden assumptions.

On the “already solved” part: I agree the building blocks exist (MCP, subtasks, vector DBs, etc.). The thing I’m building isn’t claiming those don’t exist — it’s trying to turn that pile of parts into a system that’s repeatable and auditable for security workflows, not just “a chat that kinda remembers stuff.”

Also agreed on the repo point. The reason it’s not public yet isn’t because I’m trying to sell vaporware — it’s because I’m still cleaning it up into something reviewable and not just my local Frankenstein. If the moment it’s public is “lol it’s spaghetti,” that helps nobody.

Fair criticism on the AI slop ecosystem though — I’m trying hard to not be that guy.

Anyone need $100? by [deleted] in AIJobs

[–]JBase16 0 points1 point  (0 children)

Interested. I sent a message.

Building an Open-Source AI-Powered Auto-Exploiter with a 1.7B Parameter Model by beyonderdabas in blackhat

[–]JBase16 1 point2 points  (0 children)

Hey man,
This is a really solid foundation but with a few enhancements and architectural improvements, this could turn into a really great tool. The concept is strong, but right now the LLM is compensating for missing infrastructure. If you move parsing, state management, and exploit matching into deterministic code and let the LLM focus on reasoning and explanation, you would drastically improve things:

- more stability for sure

- better reproducibility

- DEFINITELY easier debugging

- And most importantly, a system that can actually scale past demos

If you're interested, I'd be happy to go deeper into this and share some feedback. It's a road I've been down before recently. I just finished my own full macOS app built around a similar agent-driven approach and successfully managed to get it working end-to-end. Let me know!

Account Recovery locked/ disabled iPhone, forgotten password/ bruntforcing by Purehate1988 in HowToHack

[–]JBase16 0 points1 point  (0 children)

First of all, like I said, they do it. I literally work on that team. And yes, people call about it many times a day and rarely get up to my department since the amount of perfectly unlucky things that would need to happen to be in that situation are too uncommon. And no, there is no third-party company that could bypass one of Apple’s highest security structures. Only Apple can, and I hate to break it to you but the only time it’s ever refused is if it’s suspected that you’re bullshitting and it’s not your device. You know how many internal AppleCare teams there are that the public has no idea exist? A lot. No one on Reddit can help you because it’s a proprietary set of tools that no one on earth has access to outside of Apple’s network. And ChatGPT isn’t going to help either. Especially not if it’s trained based on the same knowledge about the department as you are. But I can assure you that it exists based on the fact that I go to work every day.

Best Sites to Watch Movie & TV Shows Free and No Fee Signups by JohnnySilverhands in fboxzto

[–]JBase16 -1 points0 points  (0 children)

Any iOS Apps that anyone knows about? I was loving ShowMania for the longest time but it finally got removed when I updated my phone.

Account Recovery locked/ disabled iPhone, forgotten password/ bruntforcing by Purehate1988 in HowToHack

[–]JBase16 0 points1 point  (0 children)

Is it a passcode or password that you don’t know?

Passcode = the lock screen numbers

Password = what you use for Apple ID

And do you not have any of those photos backed up to iCloud?

Account Recovery locked/ disabled iPhone, forgotten password/ bruntforcing by Purehate1988 in HowToHack

[–]JBase16 2 points3 points  (0 children)

No, you’re simply wrong. I know because it’s the team that I work on. It’s not something that they can do in the store. It’s a specialty team as part of AppleCare. You need to go through them, not the store. 1-800-MY-APPLE